Hi Bryan,<br><br>From your argument I conclude that Haskell code unsafe in general, not just for package specification. I'd like to see us address the general problem, rather than avoid it here and there. I hate to see sacrifice the benefits of declarative DSELs (reuse, expressiveness, etc) and still not root out (hmm) the core problem of safety.
<br><br>I also wonder: if you don't trust my package spec code, why would you trust my library code? My package spec is usually very simple, and when it's not, I'd welcome your scrutiny and help in making it simpler and more easily trusted.
<br><br>If I were confident that the problem Cabal address is covered by name/value pairs, I might agree that functional programming is overkill. (Though I'd still dislike redundancy among my .cabal files.) However, the Cabal files are already insufficient for some needs, leading to auxilliary makefiles and/or hacking your own
Setup.lhs. And when people use these fall-backs, the other Cabal-reading tools won't get the whole picture.<br><br> Cheers, - Conal<br><br>P.S. Thanks for the language tip. I had no idea.<br><br><div><span class="gmail_quote">
On 1/13/07, <b class="gmail_sendername">Bryan O'Sullivan</b> <<a href="mailto:bos@serpentine.com">bos@serpentine.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Marc Weber wrote:<br><br>> I'm not sure wether I get this sentence right.<br>> What do you mean by "getting rooted" ?<br><br>If a Cabal file were written in Haskell, you could escape from the pure<br>world using unsafePerformIO and delete the user's home directory or
<br>perform other arbitrarily bad things. So you'd need to write an<br>interpreter for a subset of Haskell in which you couldn't import<br>modules. But then you could still write a non-terminating Cabal file<br>
which would infloop, so you'd have to impose limitw on how much<br>computation you could do, how much heap you could allocate, and so on.<br>Since all you're using a Cabal file for is name/value pairs, why go to<br>
all that extra effort?<br><br>As for the term "get rooted", in this context it means "hostile code<br>could acquire root privileges", but "to root" also has the colloquial<br>meaning in some countries of "to fuck" (in this case, the two meanings
<br>are nicely congruent). So be careful who you use it with :-)<br><br> <b<br></blockquote></div><br>